Government and Big Tech Urge Caution During Holiday Shopping Rush

Black Friday deals went live this week, and millions of shoppers flocked online, meaning cybercriminals are ramping up efforts to take advantage of the buying frenzy. Amazon has issued an urgent warning to its 310 million global users, while the FBI and U.S. Secret Service are flagging alarming new scams, some powered by artificial intelligence and advanced voice cloning tools.

The scale and variety of these scams are growing, and criminals are targeting people across every major digital touchpoint.

With a flood of misleading websites and spoofed brands online, shoppers are being urged to slow down, verify the source of every transaction, and educate family members who may be less familiar with new types of cybercrime.

Why It Matters: Millions of people are planning to send digital payments during the holiday season. This surge in online activity creates a perfect opportunity for criminals to exploit consumer trust, often resulting in compromised accounts or the leaking of personal information. Recognizing how these scams operate is one of the most important ways to stay protected.

• Amazon Warns Users Amid Wave of Fake Websites and Messages: Amazon has notified its global user base of an increase in phishing attempts around Black Friday and Cyber Monday. Scammers are imitating Amazon communications to trick users into clicking suspicious links, entering login credentials, or sharing payment information. Over 2,900 websites pretending to be Amazon have been confirmed as malicious, many using near-identical URLs or visual designs. Amazon advises users to stick to the official mobile app or website for all customer activities and to enable two-factor authentication to help prevent account takeovers.

• FBI Cautions Shoppers Against High-Pressure Deals and Gift Card Traps: According to the FBI’s Boston office, cybercriminals are using urgent messages and fraudulent offers to rush consumers into making purchases before verifying legitimacy. Pop-ups, emails, and texts that promote brand-name products at massive discounts are often traps. The agency also highlighted how scammers are targeting people with fake work-from-home offers or asking them to purchase and send gift cards that are already drained of funds. The FBI advises consumers to check reviews, contact vendors directly, and take time to assess the legitimacy of any high-pressure request or promotion.

• U.S. Secret Service Reveals Alarming Rise in Voice Cloning Fraud: Cybercriminals are now using advanced AI tools to clone voices with as little as three seconds of audio. In one case, a scammer impersonated the owner of a bakery franchise and instructed an employee to withdraw cash and send it through a cryptocurrency ATM. The Secret Service says these scams are becoming more common and harder to detect, as cloned voices closely mimic the tone and speech patterns of real individuals. Criminals often impersonate known associates and family, making their instructions seem credible and urgent. Victims are then manipulated into transferring funds to crypto wallets that are nearly impossible to trace.

• Credit Card Skimming Upgraded with Bluetooth and Instant Theft: Organized crime syndicates are collaborating with local criminals to install skimming devices at checkout points. These skimmers are now equipped with Bluetooth technology, allowing stolen credit card data to be transmitted wirelessly in real-time. Victims may swipe their cards at one store only to find fraudulent charges occurring minutes later in another city or state. Secret Service officials recommend shaking payment terminals before using them and choosing contactless payments like tap-to-pay, which are less commonly exploited by skimmers.

• Thousands of Scam Domains Target Holiday Shoppers: FortiGuard Labs has documented more than 18,000 newly registered domains using holiday-related terms like “Black Friday” and “Flash Sale,” with over 750 confirmed to be actively malicious. Another 19,000 domains appear to impersonate major retailers such as Amazon, Netflix, and PayPal. These fraudulent sites are often used to harvest login credentials or payment information by mimicking the look of official sites. Scammers count on the fact that many shoppers are in a hurry and may not notice small spelling errors or layout differences. Security experts are urging users to verify URLs before entering any personal or financial details.

Go Deeper -> Amazon sends urgent alert — 300 million customers are at risk of cyber threat ahead of Black Friday – Mint

FBI issues warning about cyber criminals – WCVB Boston

US Secret Service issues holiday warning on new techniques used by cyber criminals – ABC7 Chicago